I've already blogged about the new RadInputManager control in the Beta of Q3 2008 for RadControls ASP.NET AJAX.
One of the other very useful features that you can now take advantage of in the RadInputManager is its RegExpTextBox setting. Regular expressions are a good way to validate text fields such as names, addresses, phone numbers, and other user information. You can use it to constrain input, apply formatting rules, and check lengths.
If you capture input by using TextBox controls, you can use the RegExpTextBoxSetting settings to validate that input - for example to restrict the range of valid characters, to strip unwanted characters, and to perform length and format checks. You can constrain the input format by defining patterns that the input must match.
To validate a TextBox control's input using a RegExpTextBoxSetting
1. Add a RadInputManager control to your page.
If you click the "Configure Input Manager" link it will bring up the following dialog:
2 . Select what type of setting you will be adding
3. Select "Telerik.Web.UI.RegExpTextBoxSetting" and indicate which TextBox controls will be extended.
4. Select the ValidationExpression property and choose an appropriate regular expression. Set the ErrorMessage property to define the message to display if the validation fails.
5. Press "OK" and start the application.
Input validation can become a security issue if an attacker discovers that you have made unfounded assumptions. The attacker can then supply carefully crafted input that compromises your application by attempting SQL injection, cross-site scripting, and other injection attacks. To avoid such vulnerability, you should validate text fields (such as names, addresses, tax identification numbers, and so on) and use a RadInputManager to do that. The RadInputManager architecture makes it really easy to encapsulate UI functionality and behavior.
For more information, see the regular expression tutorial at http://www.regular-expressions.info/tutorial.html.